From: Pavel Tatashin <pasha.tatashin@soleen.com>
To: pasha.tatashin@soleen.com, jmorris@namei.org, sashal@kernel.org,
ebiederm@xmission.com, kexec@lists.infradead.org,
linux-kernel@vger.kernel.org, corbet@lwn.net,
catalin.marinas@arm.com, will@kernel.org,
linux-arm-kernel@lists.infradead.org, marc.zyngier@arm.com,
james.morse@arm.com, vladimir.murzin@arm.com,
matthias.bgg@gmail.com, bhsharma@redhat.com, linux-mm@kvack.org,
mark.rutland@arm.com
Subject: [PATCH v4 03/17] arm64: hibernate: check pgd table allocation
Date: Mon, 9 Sep 2019 14:12:07 -0400
Message-ID: <20190909181221.309510-4-pasha.tatashin@soleen.com>
In-Reply-To: <20190909181221.309510-1-pasha.tatashin@soleen.com>
There is a bug in create_safe_exec_page(), when page table is allocated
it is not checked that table is allocated successfully:
But it is dereferenced in: pgd_none(READ_ONCE(*pgdp)). Check that
allocation was successful.
Fixes: 82869ac57b5d ("arm64: kernel: Add support for hibernate/suspend-to-disk")
Signed-off-by: Pavel Tatashin <pasha.tatashin@soleen.com>
---
arch/arm64/kernel/hibernate.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/arch/arm64/kernel/hibernate.c b/arch/arm64/kernel/hibernate.c
index 025221564252..227cc26720f7 100644
--- a/arch/arm64/kernel/hibernate.c
+++ b/arch/arm64/kernel/hibernate.c
@@ -217,6 +217,11 @@ static int create_safe_exec_page(void *src_start, size_t length,
__flush_icache_range(dst, dst + length);
trans_pgd = allocator(mask);
+ if (!trans_pgd) {
+ rc = -ENOMEM;
+ goto out;
+ }
+
pgdp = pgd_offset_raw(trans_pgd, dst_addr);
if (pgd_none(READ_ONCE(*pgdp))) {
pudp = allocator(mask);
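Review bot: The new `goto out` under `if (!trans_pgd)` is taken after `dst` has already been written and flushed (`__flush_icache_range(dst, dst + length)` in the context just above), so please confirm that the `out` label accounts for that page on this path, or say in the commit message why nothing needs releasing. The context line `pudp = allocator(mask);` right below calls the same allocator; its check is not visible in this hunk, so it is worth verifying that it fails with the same `rc = -ENOMEM; goto out;` pattern for consistency. The commit message also ends "allocated successfully:" with a colon but quotes nothing after it; including the `trans_pgd = allocator(mask);` line there would make the description self-contained.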
--
2.23.0